Pedro Bezunartea López wrote: >I have several computers connected to the >internet through a DSL router that assigns >rfc1918 (192.168.1.x) addresses to the systems >connected. I have a server where shorewall is >installed with one interface eth0, with a static >ip ( <http://192.168.1.3>192.168.1.3). The >router is configured to forward all connections >from the internet to the linux server. > >I'd like to know how I can configure shorewall >to allow connections from the local network ( >192.168.1.x) to several services (smb mainly) >but not from the internet. > >I thought I needed to create the 'loc' zone with >ip addresses in the net ><http://192.168.1.0>192.168.1.0, and assume any >other address to come from the 'net' zone. > >I've read I need to use the hosts file, but I >haven't been able to find find out how.
How about a rule saying : SMB/ACCEPT net:192.168.1.0/24 $FW Repeat for all services you want to make available. ------------------------------------------------------------------------- SF.Net email is sponsored by: Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://sourceforge.net/services/buy/index.php _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
